Security Assurance & GRC Principal
ABOUT FANDUEL GROUP
There are more ways to win, here at FanDuel. We’re willing to bet on it.
At FanDuel Group, we give fans a new and innovative way to interact with their favorite games, sports and teams. We’re dedicated to building a winning team and we pride ourselves on being able to make every moment mean more, especially when it comes to your career. So, what does “winning” look like at FanDuel? It’s recognition for your hard-earned results, a culture that brings out your best work—and a roster full of talented coworkers. Make no mistake, we are here to win, but we believe in winning right. That means we’ll never compromise when it comes to looking out for our teammates. From creatives professionals to cutting edge technology innovators, FanDuel offers a wide range of career opportunities, best in class benefits, and the tools to explore and grow into your best selves. At FanDuel, our principle of “We Are One Team” runs through all our offices across the globe, and you can expect to be a part of an exciting company with many opportunities to grow and be successful.
WHO WE ARE…
FanDuel Group is an innovative sports-tech entertainment company that is changing the way consumers engage with their favorite sports, teams, and leagues. The premier mobile gaming destination in the United States, FanDuel Group consists of a portfolio of leading brands across sports betting, iGaming, horse racing, advance-deposit wagering, daily fantasy sports. In addition, FanDuel Group operates FanDuel TV its broadly distributed linear cable television and leading direct-to-consumer OTT platform. FanDuel Group has a presence across all 50 states with approximately 17 million customers and 25 retail locations. The company is based in New York with offices in Los Angeles, Atlanta and Jersey City, as well as in Canada, Scotland, Ireland, Portugal, Romania and Australia. FanDuel Group is a subsidiary of Flutter Entertainment plc, (LON: FLTR) the world's largest sports betting and gaming operator with a portfolio of globally recognized brands.
Our roster has an opening with your name on it
FanDuel Group is looking to add a Security Assurance & GRC Principal to its team with experience across cybersecurity domains, particularly Governance, Risk & Compliance (GRC); Training & Awareness; Resilience; Controls Assurance & Continuous Monitoring; and Third-Party Due Diligence. The Security Assurance & GRC Principal will report to the Security Assurance & Controls Senior Director within FanDuel Group’s Cybersecurity team. The Security Assurance & GRC Principal will assist the Senior Director with strategic planning, audits, risk assessments, training, writing policies and procedures, metrics, and reporting. The ideal candidate for this role has a strong understanding of cybersecurity best practices with a standout ability to translate technical concepts and cybersecurity risks into business capability impacts. Superior relationship building and people skills are of paramount importance to succeeding in this role, as is a strong work ethic, attention to detail, a commitment to being a team player, and an aptitude to quickly learn the nuances of a fast-growing company within an expanding industry.
THE GAME PLAN
Everyone on our team has a part to play
This position will work with a fantastic team of cybersecurity professionals to build and enhance the Security Assurance & GRC Program at FanDuel. This role will:
- Play an integral role in enhancing and developing the Cybersecurity GRC, Resilience, Identity Governance, Training & Awareness, Third Party Due Diligence, and Security Assurance related programs.
- Support the Senior Director with the development and execution of department goals and roadmap aligned with the CISO’s strategy and FanDuel's business objectives and regulatory requirements.
- Advise FanDuel stakeholders across all departments on cybersecurity risk, controls, policies, and training practices.
- Interpret industry requirements and regulations to determine, develop, and maintain appropriate technology security controls, policies, and procedures that drive better practices and efficiency while reducing risk.
- Stay abreast of the latest industry trends, security technologies, and best practices to continuously improve Security Assurance & GRC department programs.
- Identify opportunities for automation and improvement to help the team and other key stakeholders work smarter, faster, and more effectively.
- Drive innovation and delivery of critical initiatives and assignments within the department.
- Manage department intake, JIRA board priorities, and on-time delivery of work in partnership with the Senior Director.
- Facilitate the creation, consolidation, and report out of functional key performance and risk indicators to leadership.
- Assist in developing policies, procedures, training, presentations, and other materials to report to senior leadership.
- Provide guidance and mentorship to team members on department processes and security best practices.
- Become a trusted security advisor through bi-directional partnership across a wide range of stakeholders from Legal, Internal Controls, Internal Audit to Product and Engineering.
- Serve as a delegate for the Security Assurance & GRC Senior Director for meetings, approvals, deliverable reviews, and other requests as needed.
What we're looking for in our next teammate
- Minimum 8-years of cybersecurity experience in GRC or across a variety of cybersecurity domains in a highly regulated industry.
- Experience in developing cybersecurity controls and technical solutions aligned to cybersecurity standards such as SOX ITGCs, NIST CSF, NIST 800-53, ITIL, PCI DSS, etc.
- A strong aptitude for policy, process, procedure, analytics, and effective reporting.
- Working knowledge of hosted SaaS offerings, cloud technologies, and code development practices.
- Experience building out effective cybersecurity processes including drafting policies, procedures, and training documents.
- Prior consultancy experience and project implementation is a plus.
- Strong interpersonal, influencing, and communications skills with an ability to interact effectively with senior management and stakeholders.
- Experience working in a tech industry, product-based organization.
- Passion to work hard in a fast-paced, start-up environment.
- A self-starter with energy to follow-through and own the outcome.
- An exceptional team player, with a desire to be a leader within FanDuel Group.
- Prior experience or knowledge of the iGaming industry preferred.
- Relevant cybersecurity certification(s), including CISSP, CISA, CISM, or CCSP preferred.
We treat our team right
From our many opportunities for professional development to our generous insurance and paid leave policies, we’re committed to making sure our employees get as much out of FanDuel as we ask them to give. Competitive compensation is just the beginning. As part of our team, you can expect:
- An exciting and fun environment committed to driving real growth
- Opportunities to build really cool products that fans love
- Mentorship and professional development resources to help you refine your game
- Flexible vacation allowance to let you refuel
- Hall of Fame benefit programs and platforms
FanDuel Group is an equal opportunities employer and we believe, as one of our principal states, “We Are One Team!” We are committed to equal employment opportunity regardless of race, color, ethnicity, ancestry, religion, creed, sex, national origin, sexual orientation, age, citizenship status, marital status, disability, gender identity, gender expression, and Veteran status. We believe FanDuel is strongest and best able to compete if all employees feel valued, respected, and included. We want our team to include diverse individuals because diversity of thought, diversity of perspectives, and diversity of experiences leads to better performance. Having a diverse and inclusive workforce is a core value that we believe makes our company stronger and more competitive as One Team!
The applicable salary range for this position is $174,000 to $239,000 which is dependent on a variety of factors including relevant experience, location, business needs and market demand. This role may also be eligible for short-term or long-term incentive compensation.